package com.huoyun.userAdmin.action;

import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import org.apache.struts2.StrutsStatics;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

import com.huoyun.user.bean.User;
import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

public class AccoutSecureInterceptor extends AbstractInterceptor {

	private static final long serialVersionUID = 1L;

	@Override
	public String intercept(ActionInvocation actionInvocation) throws Exception {
		String sp = getLoginUser().getSecurePassword();
		if (sp == null || sp.equals(""))
		{
			return "createSecurePassword";
		}
		
		ActionContext actionContext = actionInvocation.getInvocationContext();
        HttpServletRequest request= (HttpServletRequest) actionContext.get(StrutsStatics.HTTP_REQUEST);  
        Map session = actionContext.getSession();
        String str = (String)session.get("securePasswordVerified");
        if(session.get("securePasswordVerified") == null || ((String)session.get("securePasswordVerified")).equals("false"))
        {
        	String urlBeforeSecure = request.getRequestURI();
            session.put("urlBeforeSecure", request.getRequestURI());       

        	Map<String, String[]> parameterMap = request.getParameterMap();
        	session.put("parameterMapBeforeSecure", parameterMap);
        	
    		return actionInvocation.invoke();//"verifySecurePassword";
        }
        else
        {
        	session.remove("securePasswordVerified");
        	return actionInvocation.invoke();
        }
       
	}
	
	/**
	 * 中获取当前登录的用户
	 * 
	 * @return 用户对象
	 */
	public User getLoginUser() {
		User user = null;

		// 从上下文
		final Authentication auth = SecurityContextHolder.getContext()
				.getAuthentication();

		final Object principal = auth.getPrincipal();

		if (principal instanceof User) {
			user = (User) principal;
		}

		return user;
	}
}
